Commit Graph

49940 Commits

Author SHA1 Message Date
Greg Molnar 4d3999de10
DEV: Upgrade Rails to 7.0.5.1 (#22305)
See discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to/83132

Impact of this vulnerability has been assess to be very low for Discourse since XSS attacks are mitigated by Discourse's default CSP.
2023-06-28 07:18:49 +08:00
Alan Guo Xiang Tan 6c838c73e5
DEV: Add `order:title` filter to experimental `/filter` route (#22293)
This has been requested multiple times by users so it makes sense for us
to support this as well.

See https://meta.discourse.org/t/sort-display-of-topics-alphabetically/53911
2023-06-28 06:21:56 +08:00
Jarek Radosz d3facec7d0
DEV: Update `@json-editor/json-editor` (#22308)
Manually tried it out by editing a json_schema setting of a theme component
2023-06-27 23:01:58 +02:00
Jarek Radosz 1027a8a2d7
DEV: Move migration to the correct directory (#22309)
db/migrate/db/migrate ain't it :P
2023-06-27 23:01:39 +02:00
Kris b30ef5d6a0
FIX: nest theme translation data so it saves (#22306) 2023-06-27 14:27:32 -04:00
Jarek Radosz a6bd3994f3
UX: Align chat separators, increase mobile chat width (#22298) 2023-06-27 18:49:45 +02:00
Roman Rizzi 71ff38bab6
DEV: Fix lint and flaky summarization spec (#22303) 2023-06-27 13:18:10 -03:00
Vinoth Kannan ca016c1655
DEV: add `group-messages` css class to user private messages group page. (#22302)
It adds `group-messages` and `group-NAME` css classes to the PM topic list.
2023-06-27 21:34:07 +05:30
Roman Rizzi f4e7a80600
DEV: Cache summarization strategy results. (#22230)
Updates the interface for implementing summarization strategies and adds a cache layer to summarize topics once.

The cache stores the final summary and each chunk used to build it, which will be useful when we have to extend or rebuild it.
2023-06-27 11:44:34 -03:00
Discourse Translator Bot a909dffe8f
Update translations (#22300) 2023-06-27 16:39:27 +02:00
Natalie Tay 1384ba5a4e
FIX: Cater for polls that can have multiple votes per user (#22297)
Cater for polls that can have multiple votes per user.

This fixes an older UserMerge and migration which was intended to
de-duplicate poll votes but did not account for "multiple" type polls.
2023-06-27 18:58:16 +08:00
Vinoth Kannan 78d8bd7c81
FIX: hide "Save Draft" button when editing post on same topic. (#22266)
When the composer is open with a draft for a topic and the user clicks the edit button of a post on the same topic, we shouldn't display the "Save Draft" button. Because the edited post's draft will override the existing draft of the same topic even if we saved it.
2023-06-27 14:07:23 +05:30
Jarek Radosz 4880b30bc4
DEV: Force update of unset-value (#22287)
…to close automated upgrade warnings. the api didn't have any breaking changes between 1.x and 2.x
2023-06-27 10:26:59 +02:00
Vinoth Kannan d261e0aee0
DEV: add raw plugin outlet to create new topic list item columns. (#22296)
This commit will introduce a new plugin outlet in the raw topic list item handlebar. We can add a new column at the end using this plugin outlet.
2023-06-27 13:48:54 +05:30
chapoi 2548b819be
UX: add max-width to thread indicator (#22282) 2023-06-27 09:30:15 +02:00
Jarek Radosz 11da996304
DEV: Remove ember-rfc176-data (#22290) 2023-06-27 07:55:51 +02:00
Alan Guo Xiang Tan 75b402f07c
UX: Fix position of filters in edit categories/tags nav menu modals (#22292)
Why this change?

We want the position of the filters to remain fixed when scrolling
through the list of categories or tags. Otherwise, the user has to
scroll all the way back to othe top in order to access the filters when
the list of categories or tags is large.
2023-06-27 12:52:42 +08:00
Krzysztof Kotlarek 9cf981f1f1
FEATURE: new watched_precedence_over_muted setting (#22252)
New setting which allow admin to define behavior when topic is in watched category and muted topic and vice versa.

If watched_precedence_over_muted setting is true, that topic is still visible in list of topics and notification is created.

If watched_precedence_over_muted setting is false, that topic is not still visible in list of topics and notification is skipped as well.
2023-06-27 14:49:34 +10:00
Alan Guo Xiang Tan 4f7f9ef87c
UX: Order categories in edit navigation menu modal by name (#22291)
Why does this change do?

If the `fixed_category_positions` is `false`, we want to order the
categories in the edit navigation menu categories modal by name. This
makes it easier to filter through a large list of categories.

This commit also fixes a bug where we were unintentionally mutating the
`this.site.categories` array.
2023-06-27 10:31:48 +08:00
Loïc Guitaut 885ab9a015
DEV: Introduce an `array` type for Chat contracts (#22278)
This small patch registers a new `ActiveModel` type: `array`.
It will split a string on `,` to create a new array. If the value is
already an array, nothing will happen and for all other types, it will
wrap the value in an array.

Here’s an example on an existing contract:
```ruby
  attribute :target_usernames

  before_validation do
    self.target_usernames =
      (
        if target_usernames.is_a?(String)
          target_usernames.split(",")
        else
          target_usernames
        end
      )
  end

  # can be rewritten as:

  attribute :target_usernames, :array
```
2023-06-27 10:51:58 +10:00
Jarek Radosz 6517e6d47a
DEV: Force upgrade of `loader-utils` (#22289) 2023-06-27 02:09:27 +02:00
Jarek Radosz a318fb5be4
DEV: Update moment-timezone (#22284) 2023-06-27 02:09:13 +02:00
dependabot[bot] 6b9c497a58
Build(deps): Bump timeout from 0.3.2 to 0.4.0 (#22267)
Bumps [timeout](https://github.com/ruby/timeout) from 0.3.2 to 0.4.0.
- [Release notes](https://github.com/ruby/timeout/releases)
- [Commits](https://github.com/ruby/timeout/compare/v0.3.2...v0.4.0)

---
updated-dependencies:
- dependency-name: timeout
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 08:05:30 +08:00
Alan Guo Xiang Tan df04a99db9
FIX: Abort transition when `transition.from` present on new-topic route (#22253)
Why is this change required?

The `/new-topic` route is a special route which we use to open the
composer by loading a URL. By default, the `new-topic` route is replaced with the
`discovery.latest` route. On a fresh page load, this makes sense since
there is no template for the `new-topic` route to render. However, this
behavior does not make sense if we're transition from another route.
There is no need to replace the current route with the `discovery.latest` when all we want
is to open the composer.

What does this commit do?

This commit fixes the undesirable behaviour described above by aborting
the existing transition to the `new-topic` route if `transition.from` is
present. This indicates that we're navigating from an existing route and
we can just open the composer.
2023-06-27 08:03:51 +08:00
dependabot[bot] 343f09a152
Build(deps): Bump rspec-support from 3.12.0 to 3.12.1 (#22286)
Bumps [rspec-support](https://github.com/rspec/rspec-support) from 3.12.0 to 3.12.1.
- [Changelog](https://github.com/rspec/rspec-support/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-support/compare/v3.12.0...v3.12.1)

---
updated-dependencies:
- dependency-name: rspec-support
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 01:22:18 +02:00
dependabot[bot] 0cd7ec923e
Build(deps): Bump rubocop from 1.53.0 to 1.53.1 (#22288)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.53.0 to 1.53.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.53.0...v1.53.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 01:21:36 +02:00
Rafael dos Santos Silva 3f7105e7cd
FEATURE: Try to load plugin gems platform variants (#21643) 2023-06-26 15:11:35 -03:00
Vinoth Kannan fa047d928d
FIX: render plugin's commit URL correctly and open in new window. (#22273)
Previously, the URLs are missed in the commit links in the version column. Follow up to: https://github.com/discourse/discourse/pull/22176
2023-06-26 22:43:25 +05:30
Bianca Nenciu 4bb4be958c
FIX: Show tag chooser in composer for PM on mobile (#22241)
This was not displayed on mobile due to space constraints. With better
organization of the title, category and tags inputs, it can be
displayed.
2023-06-26 20:12:32 +03:00
Jarek Radosz 0ca6f0cdb0
DEV: Remove ember-cli-dependency-checker (#22283)
While still in ember-cli new app blueprint, I don't think this package does much for us. It has support for older things like bower and npm-shrinkwrap, but doesn't support checking yarn.lock and doesn't necessarily work well with our project structure.
2023-06-26 17:57:12 +02:00
Bianca Nenciu d888a8b692
FEATURE: Show first notification tip to all users (#22258)
It used to show only to users with trust level 0 or 1 and users who
signed up in the past week.
2023-06-26 18:39:29 +03:00
Jarek Radosz d65c7d6ce3
DEV: Update ember-cli to 5.0.0 (#22280) 2023-06-26 17:15:59 +02:00
Joffrey JAFFEUX 0ab572fbf0
FIX: longer touch for active message (#22279)
Moving from 50ms to 125ms, it should limit cases where message is activated during scroll.
2023-06-26 16:59:10 +02:00
Jarek Radosz 9a276cb688
DEV: Update ember-resolver (#22277) 2023-06-26 16:14:27 +02:00
Kris ea2b5db462
UX: fix user preference `saved!` position (#22263) 2023-06-26 09:02:34 -04:00
chapoi 802fb3b194
UX: chat message thread indicator improvements (#22224)
- gridified the thread message indicator, alleviating some problems with positioning and overflow
participant avatars will overlap/smush on smaller size and mobile
- the excerpt went from 3 > 2 lines of wrapping on smaller size, still 1 line on large size
- dropped the copy of "last reply"
- fixed wrong line height
- moved the "x replies" over to the right near the participants, as that makes more sense
- using a bubble to indicate other participants, instead of copy

This PR introduces the @container query, which is experimental. Nothing will break when it's being viewed in a not-supported browser, but it will be less elegant.
2023-06-26 14:47:13 +02:00
dependabot[bot] 4dd9487e25
Build(deps): Bump html-entities in /app/assets/javascripts (#22269)
Bumps [html-entities](https://github.com/mdevils/html-entities) from 2.3.6 to 2.4.0.
- [Release notes](https://github.com/mdevils/html-entities/releases)
- [Changelog](https://github.com/mdevils/html-entities/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mdevils/html-entities/compare/v2.3.6...v2.4.0)

---
updated-dependencies:
- dependency-name: html-entities
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 13:16:09 +02:00
Loïc Guitaut 0f4beab0fb DEV: Update the rubocop-discourse gem
This enables cops related to RSpec `subject`.

See https://github.com/discourse/rubocop-discourse/pull/32
2023-06-26 11:41:52 +02:00
Alan Guo Xiang Tan 8e1d049e6b
DEV: Skip flaky chat system tests (#22275)
The skipped tests are flaky even when running locally. This is being
tracked internally and will be unskipped once it is fixed.
2023-06-26 16:52:09 +08:00
Kris 6ec95fa79c
FIX: sidebar dot color when chat is off (#22264) 2023-06-26 10:43:35 +02:00
Alessio Cosenza 56718504ac
FEATURE: Add hooks for email poller plugins (#21384)
While we are unable to support OAUTH2 with pop3 (due to upstream dependency ruby/net-pop#16), we are adding the support for mail pollers plugin. Doing so, it would be possible to write a plugin which then uses other ways (microsoft graph sdk for example) to poll emails from a mailbox.

The idea is that a plugin would define a class which inherits from Email::Poller and defines a poll_mailbox static method which returns an array of strings. Then the plugin could call register_mail_poller(<class_name>) to have it registered. All the configuration (oauth2 tokens, email, etc) could be managed by sitesettings defined in the plugin.
2023-06-26 13:16:03 +08:00
Vinoth Kannan 52894b9d7c
FEATURE: display commit hash for each plugin on `/admin/plugins` page. (#22176)
It will help to find out the current version of the plugins even without the `docker_manager` plugin.
2023-06-26 10:09:57 +05:30
Ted Johansson a183f14d09
DEV: Update display name in new quote format - Part 2 (#22104)
This change adds support retroactively updating display names in the new quote format when the user's name is changed. It happens through a background job that is triggered by a callback when a user is saved with a new name.
2023-06-26 11:01:59 +08:00
Alan Guo Xiang Tan 0b5d5b0d40
DEV: Fix flaky tests by specifying tag names in asc order (#22271)
Why is this change required?

Previously, the tests in `viewing_sidebar_as_anonymous_user_spec.rb` was
flaky because the ordering of the tags changes depending on what the
auto generated tag names are. If a tag name is generated with the name
`tag10`, it would then be sorted before `tag9` which messes up the
ordering specified in our tests. This commit fixes the problem by
specifying the tag names instead of relying on the auto generated ones
by fabricator.
2023-06-26 10:09:26 +08:00
Alan Guo Xiang Tan fb8ce7d76e
DEV: Use `use_redis_snapshotting` in rate limiting test (#22270)
Why is this change required?

Prevents the test from leaking state in Redis and ends up causing other
tests to become flaky.
2023-06-26 09:47:00 +08:00
Sérgio Saquetim 486edb845c
DEV: Added data attributes to identify the user settings in the UI (#22261)
This commit adds data attributes to identify the controls in the user settings UI.

Plugins and TCs can use this information to target each setting to highlight or hide
them.

Although most of the settings also have specific classes identifying them, using data
attributes is more future proof as it is less likely to change them classes, specially
as we increase the adoption of the BEM methodology in CSS.

Using data attributes also are semantically correct as the setting name is data not really related to the classes used.
2023-06-23 16:51:59 -03:00
Sérgio Saquetim 40301fae36
DEV: Add plugin outlet above the navigation in the messages tab in the user profile (#22254) 2023-06-23 16:14:02 -03:00
Kris dec93cdac5
DEV: add before/after/below main-outlet outlets (#22260) 2023-06-23 14:12:27 -04:00
Kyle 9515bb5add
Fix structural problems with the openapi spec (#22256)
* Fix structural problems with the openapi spec

* Fix array issue for items
2023-06-23 11:06:45 -06:00
Mark VanLandingham 36b9572bb1
FIX: Attempt to reconnect to server when browser visibilty changes (#22259) 2023-06-23 11:32:34 -05:00